Problem connecting to remote PSQL on a Linux server

oalqel3c  posted on 2023-03-07  in  Linux

I have a Linux server with PSQL installed (psql 15.2 (Ubuntu 15.2-1.pgdg22.04+1)). This is installed on Oracle Cloud.
I am trying to connect using the following command:

psql -h 129.213.17.88 -p 5432 -d breedingdb -U postgres

where 129.213.17.88 is the public IP of the server in Oracle.
Error message:

psql: error: connection to server at "129.213.17.88", port 5432 failed: No route to host
    Is the server running on that host and accepting TCP/IP connections?

sudo systemctl status postgresql
I have modified postgresql.conf to include:

listen_addresses = '*'
port = 5432

I have changed pg_hba.conf to include:

host    all             all             0.0.0.0/0                md5
host    all             all             ::1/128                  md5

After that: sudo systemctl restart postgresql
inbound rules on Oracle cloud

netstat -an | grep -i listen
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:5432            0.0.0.0:*               LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
tcp6       0      0 :::111                  :::*                    LISTEN     
tcp6       0      0 :::5432                 :::*                    LISTEN

Connecting locally works without any problem.
sudo nmap -sS 129.213.17.88 -p 5432

Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-22 18:19 UTC
Nmap scan report for 129.213.17.88
Host is up (0.00042s latency).

PORT     STATE  SERVICE
5432/tcp closed postgresql

Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds

ping 129.213.17.88

PING 129.213.17.88 (129.213.17.88) 56(84) bytes of data.
64 bytes from 129.213.17.88: icmp_seq=1 ttl=63 time=0.508 ms
64 bytes from 129.213.17.88: icmp_seq=2 ttl=63 time=0.498 ms
64 bytes from 129.213.17.88: icmp_seq=3 ttl=63 time=0.483 ms
^C
--- 129.213.17.88 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2043ms

k3fezbri  #1

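The OCI support team got on a call with me and were able to provide me with a solution.
As shown in the question, a network-level change had previously been made in OCI (inbound rules) to allow connections to port 5432.
What I missed was the firewall-level change:
Edit /etc/iptables/rules.v4
Add the following line, where 5432 is the PSQL port: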

-A INPUT -p tcp -m state --state NEW -m tcp --dport 5432 -j ACCEPT

Save and exit.
Then we need to restart iptables with netfilter-persistent restart. To see whether the rule was applied:

iptables -L

It should have:

ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:postgresql

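I should mention that this is not secure; use it at your own risk. It worked for my purposes.
Then use the command psql -h ip_address -d dbname -U username -W to connect to the password-protected remote database.
I tried connecting with both the private and the public IP, and both work. Both instances are on the same VCN.
Successfully connected to breedingdb: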
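
The bash functions below are an added example, not part of the original answer or of any Oracle tooling. They insert the port 5432 ACCEPT rule, limited to one source range, above the catch-all REJECT in an iptables-save style file and check that the rule can actually match; the sample ruleset, the presence of a catch-all REJECT line and the 10.0.0.0/24 range are constructed assumptions.

```bash
#!/usr/bin/env bash
# Added example. The sample ruleset is constructed; it assumes INPUT ends with
# a catch-all REJECT (icmp-host-prohibited is what a client reports as
# "No route to host" while ping still works).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# add_pg_rule FILE SOURCE_CIDR [PORT]: idempotently insert an ACCEPT limited to
# SOURCE_CIDR above the catch-all REJECT/DROP (first match wins in iptables).
add_pg_rule() {
    local file="$1" src="$2" port="${3:-5432}" tmp rc
    local rule="-A INPUT -s $src -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
    grep -qxF -- "$rule" "$file" && return 0      # already present
    tmp=$(mktemp) || return 1
    awk -v rule="$rule" '
        /^\*/ { filt = ($0 == "*filter") }        # track the current table
        filt && !done && (/^-A INPUT -j (REJECT|DROP)( |$)/ || /^COMMIT$/) {
            print rule; done = 1                  # before catch-all, else before COMMIT
        }
        { print }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# pg_rule_reachable FILE [PORT]: succeed only if an ACCEPT for PORT sits above
# the catch-all, i.e. the rule is evaluated before traffic is rejected.
pg_rule_reachable() {
    awk -v port="${2:-5432}" '
        /^-A INPUT -j (REJECT|DROP)( |$)/ { exit }
        /^-A INPUT / && /-j ACCEPT/ && $0 ~ ("--dport " port "( |$)") { ok = 1; exit }
        END { exit !ok }
    ' "$1"
}
```

Run add_pg_rule as root against /etc/iptables/rules.v4 with the subnet that should reach the database, then reload with netfilter-persistent restart as in the answer.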


bakd9h0s  #2

Did you check/add an iptables rule for that port?
https://blogs.oracle.com/developers/post/enabling-network-traffic-to-ubuntu-images-in-oracle-cloud-infrastructure
Does sudo nmap -sS <private ip> -p 5432 show the port as open?
